(54) Smart card based encryption in Wi-Fi communication

(57) A method for performing a secure Wi-Fi communication between a computer of a user and an access point of a service operator, the portable device comprising a card in which a user authentication key Ki is stored, the authentication key Ki being specific to the user card and known to the service operator, the method comprises the following successive steps:

a) an authentication step consisting of:

a1) authenticating the user of the portable device based on authentication key Ki comparison,
a2) generating an encryption key KB,

b) a message generation and transmission step, performed by the access point, consisting of:

b1) generating a random session key KA,
b2) encrypting a packet of data with the help of the random session key KA,
b3) encrypting the session key KA with the help of the encryption key KB so as to form an encrypted random session key KA',
b4) forming a message comprising the encrypted random session key KA' and the encrypted packet of data,

c) a session key decrypting step performed by the card, consisting of decrypting the encrypted random session key KA' with the help of the encryption key KB so as to obtain the random session key KA,

d) a data decrypting step performed by the portable device, consisting of decrypting the packet of data with the help of the random session key KA.

[Figure 1: only the drawing labels survived extraction: "KA'" and "DATA encrypted under Key A".]
Description

Field of the invention 

[0001] The invention relates to a method for performing a secure Wi-Fi communication between a computer of a user and an access point of a service operator.

Background of the invention 

[0002] Wi-Fi stands for Wireless Fidelity and is the trademark of the Wi-Fi Alliance, which certifies the interoperability of wireless communications products using 802.11 based standards.

[0003] The key components of Wi-Fi are the network interface card, the access point and the LAN bridge.

[0004] The network interface card is a wireless modem that is installed on the user's computer (namely a desktop computer or a portable device like a laptop, a personal digital assistant PDA, a tablet personal computer PC, etc.).

[0005] The access point behaves in the same way as a base station in a mobile telecommunication network, providing the gateway between the wireless and fixed-line worlds in the form of a Wi-Fi "cell", from which users can access the network. The access points communicate with network interface cards when they are in range for access. Currently, a typical access point will cover a 70-100 m area and enable up to 64 simultaneous user connections.

[0006] The LAN (Local Area Network) bridge, also called an extension point, is used to connect LANs in different buildings. A LAN bridge connected to the network in one building can transmit and receive data from another bridge in an adjacent building, much like a point-to-point radio. LAN bridge products support fairly high data rates and ranges of several kilometers with the use of line-of-sight directional antennas. There are at least 2 types of LAN, the WLAN and the PWLAN.

[0007] The WLAN or wireless LAN is basically the term given when a LAN is created using Wi-Fi technology.

[0008] The PWLAN or public wireless LAN is basically the provision of WLAN services to the general public in public places, typically called "hot spots". Hot spots can be found in airports, hotels, coffee shops, shopping malls, conference centers, etc.

[0009] The level of security provided with Wi-Fi is very poor. In the most basic form the access point will make use of the wired equivalent privacy (WEP) mechanism for authentication. Such a mechanism provides 2 levels of security: an open system, which provides no security and in which all terminals are allowed to use the system, and a shared-key authentication. The shared-key authentication mechanism is based upon the fact that all users and access points have a common shared secret key. The access point sends a random challenge parameter that the station must encrypt and return. If the access point computes the same response based on the shared key, then validation is successful. Given that this key is common between all users of the same access point, it fails to provide any satisfactory level of security. For this reason, there is a need for stronger mechanisms for authentication and encryption.

[0010] Smart card-based authentication has already been proposed as a security solution for Wi-Fi systems. A proposed solution is based on existing solutions used by GSM telecommunication network operators. In particular, there are solutions based on a mechanism for authentication and session key distribution using the GSM subscriber identity module (known as the SIM card).

[0011] Nevertheless, once the secure authentication has been done, there are still security issues in the communication because the information inside a hot spot can still be intercepted. The only possible solution for this is to encrypt the communication between the end user computer (i.e. the user's workstation) and the access point computer.

[0012] It has already been proposed to encrypt messages at the portable device or computer level. However, this raises security problems as the software of the computer can be easily cracked.

Object and summary of the invention 

[0013] Therefore it is an object of the present invention to provide a method for performing a secure Wi-Fi communication between a computer of a user and an access point of a Wi-Fi service operator that overcomes at least one shortcoming of the prior art communication methods.

[0014] The method of the invention for performing a secure Wi-Fi communication involves a smart card-based encryption mechanism. In particular, a first key (session key), generated randomly, is used to encrypt a data packet. The first key is transmitted with the data packet in a message, but encrypted under a second key (encryption key). The card is used to protect from hacking the session key that will be used to protect the real and complete data to be transmitted between the user's computer and the access point.

EP 1 517 475 A1

[0015] According to the invention, the method for performing a secure Wi-Fi communication between a computer of a user and an access point of a service operator, the computer comprising a card in which a user authentication key Ki is stored, said authentication key Ki being specific to the user card and known to the service operator, comprises the following successive steps:

a) an authentication step consisting of:

a1) authenticating the user of the portable device based on authentication key Ki comparison,
a2) generating an encryption key KB,

b) a message generation and transmission step, performed by the access point, consisting of:

b1) generating a random session key KA,
b2) encrypting a packet of data with the help of the random session key KA,
b3) encrypting the session key KA with the help of the encryption key KB so as to form an encrypted random session key KA',
b4) forming a message comprising the encrypted random session key KA' and the encrypted packet of data,

c) a session key decrypting step performed by the card, consisting of decrypting the encrypted random session key KA' with the help of the encryption key KB so as to obtain the random session key KA,

d) a data decrypting step performed by the user's computer, consisting of decrypting the packet of data with the help of the random session key KA.

[0016] Advantageously, the step of authenticating the user of the computer based on the indirect authentication key Ki comparison further comprises the steps of:

a1.1) preparing in an authentication center of the service operator a vector comprising three values based on an authentication algorithm using the authentication key Ki, said values being a random value, a calculation result for comparison and a calculation result for the encryption key using the random value,
a1.2) sending the random value as a challenge to the computer of the user,
a1.3) preparing in the computer of the user an authentication resulting value based on the random value and the same authentication algorithm,
a1.4) sending the authentication resulting value to the authentication center of the service operator, and comparing said value with the pre-defined value comprised in the vector,
a1.5) authenticating the user of the computer based on positive comparison.

[0017] Advantageously, the step of generating an encryption key KB consists in using the random value for calculating, in the computer of the user, the encryption key KB using a service operator specific authentication algorithm.

[0018] According to another characteristic of the invention, the message generation and transmission step, the session key decrypting step and the data decrypting step are re-iterated in case further data are to be transmitted.

In case no further data are to be transmitted, the session is closed.

Advantageously, the encryption key KB is generated for each authentication. The encryption key differs after each authentication process because a new random value is prepared for every authentication.

The session key KA can be generated for one message transmission. Alternatively, the session key KA can be generated for several consecutive message transmissions.

[0019] With the method of the invention, the speed limitation of the smart card in processing data does not prevent a high-speed communication between the user's computer and the access point.

[0020] Consequently, with the method of the invention, it is possible to perform a secure communication between the computer and the access point based on the strength of smart card based encryption while maintaining a high-speed communication.

[0021] Other characteristics and advantages of the invention will be described in more detail in the following description of the invention and in one practical example of application.

Brief description of the drawings

[0022] The following detailed description, given by way of example, will be best understood with the accompanying drawing in which the unique Figure 1 schematically illustrates the different steps of the method for performing an encrypted Wi-Fi communication according to the invention.



[0023] Users' computer means any workstation, being either a desktop computer or a portable device like a laptop computer, a personal digital assistant PDA, a tablet personal computer PC, etc., which comprises a Wi-Fi network interface card enabling a connection to an access point.

Card or smart card means any portable object, being either a token, a plastic card, a plug, etc., which comprises an embedded microprocessor.

Users' computer comprising a card means that the users' computer is either fitted with, or connected to, a card or a smart card by way of a card reader.
[0024] The unique drawing illustrates schematically the successive steps of an encrypted Wi-Fi communication according to the invention.

[0025] During the first step 1, the authentication process is done. The user of the computer is authenticated based on indirect authentication key Ki comparison. The comparison is indirectly based on authentication key Ki in the sense that Ki is not directly compared. Instead, the comparison is done on the calculation result obtained using the random value and an authentication algorithm (the authentication algorithm depends on the operator).

[0026] The card comprises a specific file in which the authentication key Ki is stored (Ki file) and a specific algorithm analogous to the GSM system. The authentication key Ki is unique for each card (randomly generated), so that there can be only one user that is able to use the card. The value of the authentication key Ki is communicated to the GSM operator when the personalized cards are delivered from the factory. These values will then be stored securely in their Authentication Center for further use. During the authentication process, the GSM operator will communicate a vector with three values (already prepared in their Authentication Center) to the Wi-Fi operator, which eventually will be directed to the access-point computer AP (random value, calculation result for comparison and calculation result for encryption key). Consequently, a secure authentication can be performed.

[0027] During the second step 2, as the result of the authentication process, the same encryption key KB is stored both in the access-point computer memory and in the card.

A new value is set for every new communication as the result of the authentication process. Renewing the encryption key KB for each authentication improves the security of the whole method.
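The authentication step a1.1) to a1.5) of [0016], the vector handling of [0026] and the shared encryption key KB of [0027], worked through as an added Python example that is not code from EP 1 517 475 A1. The page does not specify the operator-specific authentication algorithm; HMAC-SHA256 with two labels stands in for it here, and the access point is modelled as the party that receives the vector and performs the comparison, as [0026] describes. The sample Ki, the user identifier, the key lengths and the class names are constructed for the example.

```python
# Added example, not code from EP 1 517 475 A1: challenge/response
# authentication (steps a1.1 to a1.5) and derivation of the encryption
# key KB (step a2). Assumption: the operator-specific authentication
# algorithm is modelled by HMAC-SHA256 with two labels; the real
# algorithm is not given on the page.
import hashlib
import hmac
import secrets

RES_LEN = 8   # length of the calculation result for comparison (assumption)
KB_LEN = 16   # length of the encryption key KB (assumption)

# Constructed sample Ki; a real Ki is random per card and known only to
# the card and the operator's authentication center.
SAMPLE_KI = bytes.fromhex("00112233445566778899aabbccddeeff")


def auth_algorithm(ki, rand):
    """Stand-in for the operator-specific algorithm: from Ki and the random
    value derive the result used for comparison and the encryption key KB."""
    res = hmac.new(ki, b"RES|" + rand, hashlib.sha256).digest()[:RES_LEN]
    kb = hmac.new(ki, b"KB|" + rand, hashlib.sha256).digest()[:KB_LEN]
    return res, kb


class AuthenticationCenter:
    """Operator side: stores every card's Ki and prepares vectors (a1.1)."""

    def __init__(self, ki_by_user):
        self._ki_by_user = dict(ki_by_user)

    def prepare_vector(self, user_id, rand=None):
        # Vector = (random value, calculation result for comparison, KB).
        if rand is None:
            rand = secrets.token_bytes(16)
        expected_res, kb = auth_algorithm(self._ki_by_user[user_id], rand)
        return rand, expected_res, kb


class Card:
    """Smart card: Ki never leaves it; only the result does (a1.3)."""

    def __init__(self, ki):
        self._ki = ki
        self.kb = None  # filled in during the challenge (step a2)

    def answer_challenge(self, rand):
        res, self.kb = auth_algorithm(self._ki, rand)
        return res


class AccessPoint:
    """Holds the vector handed over by the operator ([0026]) and verifies."""

    def __init__(self):
        self.kb = None

    def authenticate(self, vector, card):
        rand, expected_res, kb = vector
        res = card.answer_challenge(rand)               # a1.2 challenge, a1.3 answer
        if not hmac.compare_digest(res, expected_res):  # a1.4 constant-time compare
            return False
        self.kb = kb                                    # a1.5; AP and card now share KB
        return True


def run_authentication(center, ap, card, user_id, rand=None):
    """One complete authentication; returns (success, KB held by the AP)."""
    ok = ap.authenticate(center.prepare_vector(user_id, rand), card)
    return ok, (ap.kb if ok else None)
```

The comparison uses a constant-time digest comparison so that a verifier does not leak how many leading bytes of a guessed result matched; the value that crosses the air interface is only the calculation result, never Ki or KB.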
[0028] During the third step 3, the message to be transmitted is generated by the access point computer AP. The access point computer AP will first generate a random number called a session key KA. The session key KA is encrypted under encryption key KB, so as to obtain an encrypted session key KA'. The data to be transmitted are encrypted under session key KA. A message comprising the encrypted session key KA' and the encrypted data is formed.

[0029] During the fourth step 4, the message is transmitted to the user's computer via the Wi-Fi connection. The card SC performs a decryption of the encrypted session key KA' using the stored encryption key KB so as to obtain the session key KA.

[0030] During the fifth step 5, once the session key KA has been obtained by the appropriate program in the user's workstation, the message is decrypted by using the session key KA and the user's program can make further processing on the message.

[0031] In a first alternative NM1, the session key KA is generated for only one message transmission. Thus, in case a second message needs to be transmitted, the process begins at the step consisting in generating a new session key KA.

In a second alternative, the session key KA is generated for several consecutive message transmissions. Thus, in case a second message needs to be transmitted, the process begins at the step consisting of forming the message based on the same session key KA.
[0032] It is to be noted that the same process could be done vice versa, namely the workstation generates another random value as session key KA and encrypts the data to be sent to the access point computer under this session key. The user's computer will then use the smart card SC to encrypt session key KA under encryption key KB so that another encrypted session key KA' is obtained. Finally, the message will be formed and sent to the access point computer where it will be decrypted based on the same process.
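Steps 3 to 5 of [0028] to [0030] (session key generation, KA' = KA encrypted under KB, message formation and the two-stage decryption), the two session key alternatives of [0031] and the reverse direction of [0032], as an added Python example that is not code from EP 1 517 475 A1. The page names no cipher, so "encryption under a key" is modelled here by XOR with an HMAC-SHA256 counter keystream and a fresh per-message nonce (needed so that a reused KA never reuses keystream); the message layout nonce || KA' || encrypted data, the key lengths and the class names are assumptions of this example. KB is taken as already established by the authentication step.

```python
# Added example, not code from EP 1 517 475 A1: message generation and
# transmission (b1 to b4), session key decryption in the card (c), data
# decryption in the computer (d), the reverse direction of [0032] and the
# session key alternatives of [0031]. Assumption: the page names no cipher;
# XOR with an HMAC-SHA256 counter keystream stands in for it, with a
# per-message nonce so a reused KA never reuses keystream.
import hashlib
import hmac
import secrets

KA_LEN = 16     # session key length (assumption)
NONCE_LEN = 12  # per-message nonce length (assumption)


def keystream_xor(key, label, data):
    """Stand-in cipher: XOR data with HMAC-SHA256(key, label || counter).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream.extend(hmac.new(key, label + counter.to_bytes(4, "big"),
                               hashlib.sha256).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Card:
    """Smart card SC: holds KB from the authentication step and only ever
    processes session keys, never the data packet ([0033])."""

    def __init__(self, kb):
        self._kb = kb

    def wrap_session_key(self, ka, nonce):        # reverse direction ([0032])
        return keystream_xor(self._kb, b"wrap|" + nonce, ka)

    def unwrap_session_key(self, ka_enc, nonce):  # step c)
        return keystream_xor(self._kb, b"wrap|" + nonce, ka_enc)


def kb_in_memory(kb):
    """Access point side: KB is kept in AP memory ([0027]). Returns the same
    wrap/unwrap operation the card performs, for use by the AP."""
    return lambda key_bytes, nonce: keystream_xor(kb, b"wrap|" + nonce, key_bytes)


class Sender:
    """Forms messages nonce || KA' || data encrypted under KA (step b4)."""

    def __init__(self, wrap_fn, reuse_session_key=False):
        self._wrap = wrap_fn
        self._reuse = reuse_session_key  # [0031]: one KA per message, or reused
        self._ka = None

    def send(self, data):
        if self._ka is None or not self._reuse:
            self._ka = secrets.token_bytes(KA_LEN)                 # b1) random KA
        nonce = secrets.token_bytes(NONCE_LEN)
        data_enc = keystream_xor(self._ka, b"data|" + nonce, data)  # b2) data under KA
        ka_enc = self._wrap(self._ka, nonce)                        # b3) KA' = KA under KB
        return nonce + ka_enc + data_enc                            # b4) the message


def open_message(unwrap_fn, message):
    """Receiver: recover KA with KB (card or AP memory), then decrypt data.
    Returns (KA, plaintext)."""
    nonce = message[:NONCE_LEN]
    ka_enc = message[NONCE_LEN:NONCE_LEN + KA_LEN]
    data_enc = message[NONCE_LEN + KA_LEN:]
    ka = unwrap_fn(ka_enc, nonce)                              # step c)
    return ka, keystream_xor(ka, b"data|" + nonce, data_enc)   # step d)
```

Two points a practitioner should take from running it: the card only ever handles KA_LEN bytes per message, which is what keeps the card's throughput limit off the data path ([0019]); and the scheme as described provides confidentiality only, so a deployed version would add an integrity tag over KA' and the encrypted data, since a wrong KB silently yields a wrong KA and garbage plaintext rather than an error.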

[0033] According to the invention, a secure communication between the user's computer (workstation) and the access point computer is achieved. Sensitive information (the encryption key) is stored in the card, which has stronger protection compared to a software program in the workstation. Two transactions/sessions are involved, thus adding strength to security: the encryption key is generated during the authentication process, and the session key is generated for one or several consecutive message transmissions.

Advantageously, the speed limitation of the card is avoided since the card processes only a small quantity of information (session and encryption keys only), and not the whole data packet. Consequently, the communication performance is maintained. Finally, security is improved by the fact that the whole process is not possible in case a card is physically not present or not connected to the user's computer.



Claims 

1. A method for performing a secure Wi-Fi communication between a computer of a user and an access point of a service operator, said computer comprising a card in which a user authentication key Ki is stored, said authentication key Ki being specific to the user card and known to the service operator, the method comprising the following successive steps:

a) an authentication step consisting of:

a1) authenticating the user of the computer based on an indirect authentication key Ki comparison,
a2) generating an encryption key KB,

b) a message generation and transmission step, performed by the access point, consisting of:

b1) generating a random session key KA,
b2) encrypting a packet of data with the help of the random session key KA,
b3) encrypting the session key KA with the help of the encryption key KB so as to form an encrypted random session key KA',
b4) forming a message comprising the encrypted random session key KA' and the encrypted packet of data,

c) a session key decrypting step performed by the card, consisting of decrypting the encrypted random session key KA' with the help of the encryption key KB so as to obtain the random session key KA,

d) a data decrypting step performed by the computer, consisting of decrypting the packet of data with the help of the random session key KA.

2. A method for performing a secure Wi-Fi communication as recited in claim 1, wherein the step of authenticating the user of the computer based on an indirect authentication key Ki comparison further comprises the steps of:

a1.1) preparing in an authentication center of the service operator a vector comprising three values based on an authentication algorithm using the authentication key Ki, said values being a random value, a calculation result for comparison and a calculation result for the encryption key using the random value,
a1.2) sending the random value as a challenge to the computer of the user,
a1.3) preparing in the computer of the user an authentication resulting value based on the random value and the same authentication algorithm,
a1.4) sending the authentication resulting value to the authentication center of the service operator, and comparing said value with the pre-defined value comprised in the vector,
a1.5) authenticating the user of the computer based on positive comparison.

3. A method for performing a secure Wi-Fi communication as recited in any of the preceding claims, wherein the step of generating an encryption key KB consists in using the random value for calculating in the computer of the user the encryption key KB using a service operator specific authentication algorithm.

4. A method for performing a secure Wi-Fi communication as recited in any of the preceding claims, consisting in re-iterating the message generation and transmission step, the session key decrypting step and the data decrypting step in case further data are to be transmitted.

5. A method for performing a secure Wi-Fi communication as recited in any of the preceding claims, consisting in closing the session in case no further data are to be transmitted.

6. A method for performing a secure Wi-Fi communication as recited in one of the claims 1 to 3, wherein the encryption key KB is generated for each authentication.

7. A method for performing a secure Wi-Fi communication as recited in any of the preceding claims, wherein the session key KA is generated for one message transmission.

8. A method for performing a secure Wi-Fi communication as recited in any of the claims 1 to 6, wherein the session key KA is generated for several consecutive message transmissions.